Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
80b4dd31 by security tracker role at 2019-06-08T08:10:15Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2019-12779 (libqb before 1.0.5 allows local users to overwrite arbitrary
files via ...)
+ TODO: check
CVE-2019-12778
RESERVED
CVE-2019-12777 (An issue was discovered on the ENTTEC Datagate MK2, Storm 24,
Pixelato ...)
@@ -558,12 +560,12 @@ CVE-2019-12508
RESERVED
CVE-2019-12507 (An XSS vulnerability exists in PHPRelativePath (aka Relative
Path) thr ...)
NOT-FOR-US: Relative Path PHP library
-CVE-2019-12506
- RESERVED
-CVE-2019-12505
- RESERVED
-CVE-2019-12504
- RESERVED
+CVE-2019-12506 (Due to unencrypted and unauthenticated data communication, the
wireles ...)
+ TODO: check
+CVE-2019-12505 (Due to unencrypted and unauthenticated data communication, the
wireles ...)
+ TODO: check
+CVE-2019-12504 (Due to unencrypted and unauthenticated data communication, the
wireles ...)
+ TODO: check
CVE-2019-12503
RESERVED
CVE-2019-12502 (There is a lack of CSRF countermeasures on MOBOTIX S14
MX-V4.2.1.61 ca ...)
@@ -3449,6 +3451,7 @@ CVE-2019-11359 (Cross-site scripting (XSS) vulnerability
in display.php in I, Li
CVE-2019-11357
RESERVED
CVE-2019-11356 (The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12
and 3.0 ...)
+ {DSA-4458-1}
- cyrus-imapd 3.0.8-6
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1717828
NOTE:
https://github.com/cyrusimap/cyrus-imapd/commit/a5779db8163b99463e25e7c476f9cbba438b65f3
@@ -9926,13 +9929,11 @@ CVE-2019-9089
RESERVED
CVE-2019-9088
RESERVED
-CVE-2019-9087
- RESERVED
+CVE-2019-9087 (HotelDruid before v2.3.1 has SQL Injection via the
/tab_tariffe.php nu ...)
- hoteldruid 2.3.2-1
[stretch] - hoteldruid <no-dsa> (Minor issue)
[jessie] - hoteldruid <no-dsa> (low popcon)
-CVE-2019-9086
- RESERVED
+CVE-2019-9086 (HotelDruid before v2.3.1 has SQL Injection via the
/visualizza_tabelle ...)
- hoteldruid 2.3.2-1
[stretch] - hoteldruid <no-dsa> (Minor issue)
[jessie] - hoteldruid <no-dsa> (low popcon)
@@ -9941,8 +9942,7 @@ CVE-2019-9085
- hoteldruid 2.3.2-1
[stretch] - hoteldruid <no-dsa> (Minor issue)
[jessie] - hoteldruid <no-dsa> (low popcon)
-CVE-2019-9084
- RESERVED
+CVE-2019-9084 (In Hoteldruid before 2.3.1, a division by zero was discovered
in $num_ ...)
- hoteldruid 2.3.2-1
[stretch] - hoteldruid <no-dsa> (Minor issue)
[jessie] - hoteldruid <no-dsa> (low popcon)
@@ -19059,8 +19059,8 @@ CVE-2019-5443
RESERVED
CVE-2019-5442
RESERVED
-CVE-2019-5441
- RESERVED
+CVE-2019-5441 (An OS Command Injection has been discovered in the Nextcloud
App: Extr ...)
+ TODO: check
CVE-2019-5440 (Use of cryptographically weak PRNG in the password recovery
token gene ...)
NOT-FOR-US: Revive Adserver
CVE-2019-5439
@@ -22094,12 +22094,12 @@ CVE-2019-3959
RESERVED
CVE-2019-3958
RESERVED
-CVE-2019-3957
- RESERVED
-CVE-2019-3956
- RESERVED
-CVE-2019-3955
- RESERVED
+CVE-2019-3957 (Dameware Remote Mini Control version 12.1.0.34 and prior
contains an u ...)
+ TODO: check
+CVE-2019-3956 (Dameware Remote Mini Control version 12.1.0.34 and prior
contains an u ...)
+ TODO: check
+CVE-2019-3955 (Dameware Remote Mini Control version 12.1.0.34 and prior
contains a un ...)
+ TODO: check
CVE-2019-3954
RESERVED
CVE-2019-3953
@@ -28233,35 +28233,34 @@ CVE-2019-2104
RESERVED
CVE-2019-2103
RESERVED
-CVE-2019-2102
- RESERVED
-CVE-2019-2101
- RESERVED
+CVE-2019-2102 (In the Bluetooth Low Energy (BLE) specification, there is a
provided e ...)
+ TODO: check
+CVE-2019-2101 (In uvc_parse_standard_control of uvc_driver.c, there is a
possible out ...)
- linux <undetermined>
NOTE: https://source.android.com/security/bulletin/2019-06-01
TODO: check, Android bulletin does not make clear if this only in
Android specific use
CVE-2019-2100
RESERVED
-CVE-2019-2099
- RESERVED
-CVE-2019-2098
- RESERVED
-CVE-2019-2097
- RESERVED
-CVE-2019-2096
- RESERVED
-CVE-2019-2095
- RESERVED
-CVE-2019-2094
- RESERVED
-CVE-2019-2093
- RESERVED
-CVE-2019-2092
- RESERVED
-CVE-2019-2091
- RESERVED
-CVE-2019-2090
- RESERVED
+CVE-2019-2099 (In nfa_rw_store_ndef_rx_buf of nfa_rw_act.cc, there is a
possible out- ...)
+ TODO: check
+CVE-2019-2098 (In areNotificationsEnabledForPackage of
NotificationManagerService.jav ...)
+ TODO: check
+CVE-2019-2097 (In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is
possibl ...)
+ TODO: check
+CVE-2019-2096 (In EffectRelease of EffectBundle.cpp, there is a possible
memory corru ...)
+ TODO: check
+CVE-2019-2095 (In callGenIDChangeListeners and related functions of
SkPixelRef.cpp, t ...)
+ TODO: check
+CVE-2019-2094 (In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a
possible out o ...)
+ TODO: check
+CVE-2019-2093 (In huff_dec_1D of nlc_dec.cpp, there is a possible out of
bounds write ...)
+ TODO: check
+CVE-2019-2092 (In isSeparateProfileChallengeAllowed of
DevicePolicyManagerService.jav ...)
+ TODO: check
+CVE-2019-2091 (In GetPermittedAccessibilityServicesForUser of
DevicePolicyManagerServ ...)
+ TODO: check
+CVE-2019-2090 (In isPackageDeviceAdminOnAnyUser of PackageManagerService.java,
there ...)
+ TODO: check
CVE-2019-2089
RESERVED
CVE-2019-2088
@@ -57442,34 +57441,34 @@ CVE-2018-10705 (The Owned smart contract
implementation for Aurora DAO (AURA), a
NOT-FOR-US: Aurora DAD
CVE-2018-10704
RESERVED
-CVE-2018-10703
- RESERVED
-CVE-2018-10702
- RESERVED
-CVE-2018-10701
- RESERVED
-CVE-2018-10700
- RESERVED
-CVE-2018-10699
- RESERVED
-CVE-2018-10698
- RESERVED
-CVE-2018-10697
- RESERVED
-CVE-2018-10696
- RESERVED
-CVE-2018-10695
- RESERVED
-CVE-2018-10694
- RESERVED
-CVE-2018-10693
- RESERVED
-CVE-2018-10692
- RESERVED
-CVE-2018-10691
- RESERVED
-CVE-2018-10690
- RESERVED
+CVE-2018-10703 (An issue was discovered on Moxa AWK-3121 1.14 devices. It
provides fun ...)
+ TODO: check
+CVE-2018-10702 (An issue was discovered on Moxa AWK-3121 1.14 devices. It
provides fun ...)
+ TODO: check
+CVE-2018-10701 (An issue was discovered on Moxa AWK-3121 1.14 devices. It
provides fun ...)
+ TODO: check
+CVE-2018-10700 (An issue was discovered on Moxa AWK-3121 1.19 devices. It
provides fun ...)
+ TODO: check
+CVE-2018-10699 (An issue was discovered on Moxa AWK-3121 1.14 devices. The
Moxa AWK 31 ...)
+ TODO: check
+CVE-2018-10698 (An issue was discovered on Moxa AWK-3121 1.14 devices. The
device enab ...)
+ TODO: check
+CVE-2018-10697 (An issue was discovered on Moxa AWK-3121 1.14 devices. The
Moxa AWK 31 ...)
+ TODO: check
+CVE-2018-10696 (An issue was discovered on Moxa AWK-3121 1.14 devices. The
device prov ...)
+ TODO: check
+CVE-2018-10695 (An issue was discovered on Moxa AWK-3121 1.14 devices. It
provides ale ...)
+ TODO: check
+CVE-2018-10694 (An issue was discovered on Moxa AWK-3121 1.14 devices. The
device prov ...)
+ TODO: check
+CVE-2018-10693 (An issue was discovered on Moxa AWK-3121 1.14 devices. It
provides pin ...)
+ TODO: check
+CVE-2018-10692 (An issue was discovered on Moxa AWK-3121 1.14 devices. The
session coo ...)
+ TODO: check
+CVE-2018-10691 (An issue was discovered on Moxa AWK-3121 1.14 devices. It is
intended ...)
+ TODO: check
+CVE-2018-10690 (An issue was discovered on Moxa AWK-3121 1.14 devices. The
device by d ...)
+ TODO: check
CVE-2018-10689 (blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux
kernel a ...)
- blktrace 1.2.0-1 (low; bug #897695)
[stretch] - blktrace 1.1.0-2+deb9u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/80b4dd310edf080e3540972f9b4b02943538dad3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/80b4dd310edf080e3540972f9b4b02943538dad3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
